提交 #523016: Kerio Connect KerioConnect 10.0.6 PORTABLE DATA EXFILTRATION信息

标题Kerio Connect KerioConnect 10.0.6 PORTABLE DATA EXFILTRATION
描述In all sections intended for file uploads, it is possible to execute script code within a .pdf file extension.And this helps us execute the XSS vulnerability by uploading a malicious PDF file.
来源⚠️ https://github.com/0xs1ash/poc/blob/main/portable_data_exfiltration.md
用户
 slash0x99 (UID 77812)
提交2025-03-19 13時42分 (1 年前)
管理2025-03-30 09時48分 (11 days later)
状态已接受
VulDB条目302029 [GFI KerioConnect 10.0.6 PDF File 跨网站脚本]
积分16

上一步一览下一步

Do you want to use VulDB in your project?

Use the official API to access entries easily!